diff --git a/deploy/README.md b/deploy/README.md new file mode 100644 index 0000000..b645b37 --- /dev/null +++ b/deploy/README.md @@ -0,0 +1,15 @@ +# Deploying vbos-backend + +This app is currently deployed on a Digital Ocean Droplet using docker-caddy reverse proxy. +All deploy related configuration are in the `deploy/` directory. + +1. `deploy/caddy/docker-compose.yml` — starts the caddy reverse proxy which will watch any new containers with the caddy label. +2. `deploy/vbos/docker-compose.yml` — pulls the latest vbos-backend image and runs the application, with `.env` as the environment. + +To update or redeploy: +1. First ssh into the server. Keys are in 1PW +2. Fetch code and run migrations. + * Activate venv. `. ~/vbos-env/bin/activate` + * `cd vbos-backend && git pull`. `python manage.py migrate` +3. Then run `docker compose -f deploy/vbos/docker-compose.yml pull` to pull the new image. By default the image tag is `main` +4. Then run `docker compose -f deploy/vbos/docker-compose.yml --env-file /home/devseed/vbos-backend/.env up --force-recreate -d --no-deps vbos-backend` — this will start a new container and kill the older one for deploys with no downtime diff --git a/deploy/caddy/docker-compose.yml b/deploy/caddy/docker-compose.yml new file mode 100644 index 0000000..50ab2c2 --- /dev/null +++ b/deploy/caddy/docker-compose.yml @@ -0,0 +1,24 @@ +services: + caddy: + image: lucaslorentz/caddy-docker-proxy:ci-alpine + ports: + - 80:80 + - 443:443 + environment: + - CADDY_INGRESS_NETWORKS=caddy + networks: + - caddy + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - caddy_data:/data + - /home/devseed/vbos-backend/static:/www/html/static + restart: unless-stopped + # labels: + # caddy.debug: + +networks: + caddy: + external: true + +volumes: + caddy_data: {} diff --git a/deploy/vbos/docker-compose.yml b/deploy/vbos/docker-compose.yml new file mode 100644 index 0000000..328ebdb --- /dev/null +++ b/deploy/vbos/docker-compose.yml @@ -0,0 +1,37 @@ +services: + vbos-backend: + image: ghcr.io/developmentseed/vbos-backend:main + deploy: + mode: replicated + replicas: 1 + update_config: + order: start-first + failure_action: rollback + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:8000/health"] + interval: 10s + timeout: 5s + retries: 5 + environment: + - DJANGO_SECRET_KEY=${DJANGO_SECRET_KEY} + - DJANGO_AWS_ACCESS_KEY_ID=${DJANGO_AWS_ACCESS_KEY_ID} + - DJANGO_AWS_SECRET_ACCESS_KEY=${DJANGO_AWS_SECRET_ACCESS_KEY} + - DJANGO_AWS_STORAGE_BUCKET_NAME=${DJANGO_AWS_STORAGE_BUCKET_NAME} + - DJANGO_DB_URL=${DJANGO_DB_URL} + - DJANGO_SETTINGS_MODULE=vbos.config.production + - PORT=8000 + ports: + - "8080:8000" + ipc: host + networks: + - caddy + labels: + caddy: vbos-backend.ds.io + caddy.reverse_proxy: "{{upstreams 8000}}" + caddy.handle: "/static/*" + caddy.handle.root: "* /www/html" + caddy.handle.file_server: + +networks: + caddy: + external: true diff --git a/vbos/config/common.py b/vbos/config/common.py index 758d9cb..e32ac51 100755 --- a/vbos/config/common.py +++ b/vbos/config/common.py @@ -41,6 +41,7 @@ class Common(Configuration): ) ALLOWED_HOSTS = ["*"] + CSRF_TRUSTED_ORIGINS = ["https://vbos-backend.ds.io"] ROOT_URLCONF = "vbos.urls" SECRET_KEY = os.getenv("DJANGO_SECRET_KEY") WSGI_APPLICATION = "vbos.wsgi.application"